CVE-2018-6593

HIGH

Malwarefox Antimalware - Incorrect Permission Assignment

Title source: rule

Description

An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by connecting to the filter communication port and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.

Exploits (1)

exploitdb WORKING POC

by Souhail Hammou · clocalwindows

https://www.exploit-db.com/exploits/43973

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://github.com/SouhailHammou/Exploits/blob/master/CVE-2018-6593/Malwarefox_privescl_0.c

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/43973/

Scores

CVSS v3 7.8

EPSS 0.0034

EPSS Percentile 56.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-732

Status published

Products (1)

malwarefox/antimalware 2.74.0.150

Published Feb 03, 2018

Tracked Since Feb 18, 2026